CHAPTER 10: Network Management 506 without side authorities. Lastly we addressed network monitoring which included a brief example of a few tools and how to use them to conduct network monitoring (see Figure 10.9). We also suggested some helpful tips on where to look to collect logging information when using some of the default tools installed on operating systems such as Microsoft Windows XP when we talk about the Event Viewer (see Figure 10.10). While discuss- ing network monitoring, we touched on a few terms such as QoS, traffic shaping, load balancing, high availability, and fault tolerance also known as redundancy. Each of these terms is very important in the network monitor- ing construct because each one is directly related to all the rest in assisting you, the network engineer and/or manager, in troubleshooting and network optimization. EXAM OBJECTIVES FAST TRACK Network Management Network management includes the activities, techniques, mea- sures, and gear that pertain to how you operate, administer, main- tain, and condition the networked information systems to ensure the highest availability possible within your budget. Maintaining network equipment, upgrades, repairs (preventative  maintenance); configuring resources for optimal resource usage and network performance (VOIP) via monitoring techniques; configura- tion management documentation (wiring schematics for your WAN links and local POP, network diagrams, baselines, policies and regu- lations) are all inclusive to network management. A common way of characterizing network management functions is  FCAPS. Configuration Management CM is a practice that involves documentation of a device’s configu- ration, as well as keeping that documentation up-to-date so that any future changes can be controlled and tracked. Change control documentation provides a record of changes that  have been made to a system, which can be used in troubleshooting problems and upgrading systems. Exam Objectives Fast Track 507 Wiring schematics are simple sketches that are created before and  during installation of the physical media used for computers to talk to each other. Physical network diagrams contain each physical device and physi- cal connection inside your network. Logical network diagrams include but are not limited to protocols,  configurations, IP addressing, subnets, access control lists, and security devices. A baseline is how networks operate under “normal” conditions  which help you recognize performance, collision, and utilization issues when comparing your “normal” conditions to previous peri- ods of operation. A calculated plan of action to guide decisions and achieve sound  outcomes is the goal of creating and adhering to policies, proce- dures, and configurations. Communications Assistance for Law Enforcement Act (CALEA)  requires telecommunications companies and equipment industries to allow for surveillance capabilities. HIPAA – “The Office for Civil Rights enforces the HIPAA Privacy Rule,  which protects the privacy of individually identifiable health informa- tion, and the confidentiality provisions of the Patient Safety Rule …” Network Monitoring Network monitoring is a technique used to identify performance  and connectivity issues. Using a tool called packet sniffer allows you to collect all the data that is being transmitted to and from your computer or between routers. Notification documentation includes contact information for specific  people in an organization, their roles, and when they should be called. Network performance optimization is simply assessing your  network’s status on an ongoing basis by monitoring and discovering network traffic and logs. QoS prevents dropped packets, delay/latency, jitter, and errors.  Some common QoS protocols include RSVP and MPLS. CHAPTER 10: Network Management 508 Traffic shaping is a technique employed by specifying what traffic  and at what rate (rate limiting) in a span of time (bandwidth throt- tling) you are going to allow in or out of your network. Load balancing is used on computer networks to distribute the  incoming traffic upon other network devices if there are indications of increased network traffic or “load”. High availability is a system design protocol which once imple- mented assures a specific degree of uptime continuity in a specific period of time. Cache engines are networked servers dedicated to caching data for  clients. Fault tolerance is also known as  redundancy which refers to what you have in place in the case of a network failure and the plan of how you can recover that lost device with a back-up device that is ready to take the failed one’s place. EXAM OBJECTIVES FREQUENTLY ASKED QUESTIONS What do I need to know about network management for the test?Q: Remember that network management refers to the activities, tech-A: niques, measures, and gear that help network engineers and man- agers to operate, administer, maintain, and condition networked information systems to ensure the highest availability possible within an IT department’s budget. Are there any formal methods for implementing network manage-Q: ment functions? Yes. A common way of characterizing network management func-A: tions is FCAPS – Fault, Configuration, Accounting, Performance, and Security. Why is MTTR important?Q: MTTR is important to understand because this is a critical mea-A: surement in an overall network management framework used to measure how long it takes to execute replacement procedures for critical networked devices. Keeping MTTR short as possible will ensure you have the most efficient procedures and mechanisms in place to cut costs in your IT department’s budget so you can spend the savings on higher priority tasks. Exam Objectives Frequently Asked Questions 509 What does CM really have to do with computer networking?Q: CM is the most vital part of computer networking because without A: a written and agreed-upon plan to manage your network devices, services, and failures you will find yourself stuck in complex imple- mentations, troubleshooting, and replacing devices. What is the main difference between physical and logical network Q: diagrams? The difference is that physical network diagrams are only going to A: include the physical characteristics of your network such as loca- tion, media converter connections, and the speed of the network links, whereas logical network diagrams only include the logical pieces of your network such as IP address, subnets, protocols, ser- vices, and so on. How do baselines and policies, procedures, and configurations Q: relate? Baselines help you to identify how your network operates under A: “normal” conditions. By creating a baseline you can start to recog- nize performance, collision, and utilization issues when comparing your “normal” conditions to previous periods of operation. Your baseline will then guide how your policies, procedures, and con- figurations should be created. For example, if you want to create a policy on how much space a user is allowed to have for e-mail you must first determine how much space is being used for e-mail by each user and then monitor that activity to find the “normal” size or average size most users consume for email. Once you have established a baseline you now know what “normal” is for the size of a typical user’s e-mail usage. You now can decide whether or not to create a policy to state each user is allowed to have this amount of e-mail storage based on the normal conditions of the normal e-mail user in the network. What is the most important part about network monitoring?Q: The most important point about network monitoring is that, just A: as documentation on configurations and changes can be helpful in solving problems with your network, so can the logs generated by the software running on these machines. Network monitor- ing includes review network system logs that are records of events that have occurred and actions that were taken. Many systems will provide logs that will give automated information on events that have occurred, including accounts that were used to log on, CHAPTER 10: Network Management 510 activities performed by users and by the system, and problems that transpired. Is QoS different from traffic shaping?Q: Yes. QoS is a measure of value of a network service (that is VoIP) A: compared to the expected or predicted performance quality that net- work service is actually producing on your network. Increasing usable bandwidth and lowering latency are the goals of traffic shap- ing. This technique is employed by specifying a traffic type to be allowed in and out of your network which is to be governed by a con- figured targeted rate (rate limiting) and time span (bandwidth throt- tling). In other words we use QoS to identify what traffic to shape [Q]. What is the difference between load balancing and high availability?Q: The difference between load balancing and high availability is A: that we use load balancing to distribute high volumes of traffic so that we can achieve a degree of high availability. Load balancing is a technique employed on computer networks to distribute the incoming traffic upon other network devices if there are indica- tions of increased network traffic or “load”. High availability is a system design protocol which once implemented assures a spe- cific degree of uptime continuity in a specific period of time. The goal of high availability is to ensure that users have the maxi- mum uptime so that they can access network resources anytime and anywhere. SELF TEST You have just been hired to Aplura Inc., a global ISP, as their first 1. junior network analyst. Bob, your supervisor, was late this morn- ing and before he picked up his daily cup of coffee he asks you to begin troubleshooting the connectivity from your office’s border router to the border router in your remote office in Sydney, Aus- tralia. You find the CM documentation but you are looking for the link speed of your router to determine if it is correct. What piece of information is missing from this document? A. Physical Access Methods B. Service Protocols C. Hardware Devices D. Software Applications Self Test 511 It is 2 a.m. (EST) on a Friday night. You are at work sweating 2. because you cannot find a piece of CM documentation that would resolve this crazy issue that got you out of bed four hours ago. You have looked in the server room and now you are trying to break into your boss’s office to see if he has what you are looking for. Just last week your company hired a consulting firm to install new switches that can be remotely managed by your Chief Information Officer’s blackberry. You didn’t care nor did you pay any mind to what CM changes have occurred, you were too busy fighting off users’ pass- word issues. But now, 2 a.m. on a Friday, you are in a real need of that document that describes the login procedures for the new switches. What type of CM documentation are you looking for? A. Physical network diagram documentation B. Wiring schematics documentation C. Configuration updates documentation D. Change control documentation Your friend and coworker Mike just got approval to buy four new 3. servers that will increase your fault tolerance by 80 percent. You both plan to celebrate by making a dinner reservation at the finest restaurant in town. Thirty minutes before you get to leave for the day your supervisor says, “We need three segments of UTP cabling made, 19.5-feet long to connect their notebooks to the develop- ment lab.” There is no other way they can connect up and this is urgent now because they have just received a call from your compa- ny’s top customer who wants a demonstration of the new product. In order to execute this demo for the customer they need network connectivity now! But you forgot how to make UTP cables; where can you find this information? A. Physical network diagram B. Logical network diagram C. Wiring schematics D. Wiring network server rack schematics As the network manager for a small ISP in Maryland serving over 4. 2,000 customers across the eastern United States, you are in charge of daily operations. Your regional supervisor just received a phone call from corporate. He asks you over the phone to develop a calcu- lated plan of action to guide decisions and achieve sound outcomes that provide guidelines that the installation contractors will use on CHAPTER 10: Network Management 512 how to access the closest data center which will be the location that is outfitted with the latest load balancing technology. What kind of document is your regional supervisor asking you to create? A. Common management documentation B. CM documentation C. Procedure D. Policy The FCC reports on how businesses need to accommodate local 5. law enforcement with respect to investigating identify theft. Since your brother-in-law is a state trooper he tells you all about this new FCC report and how it’s going to affect the whole town. Two weeks pass and you don’t hear anything new from your brother-in-law. You ring him up on your cell phone to find out why. Soon after he picks up the phone he says, “Hey, don’t you work for that commercial telecommunications company on 3rd Avenue?” You pause and say, “Yes, I do.” “Well, tomorrow morning Sargeant Dave Simpson is visiting your organization to investigate some cyber crime charges on a local; are you prepared to help him when he arrives?” What kind of CM documentation should you be very familiar with in order to assist state and federal governments? A. Policy B. Regulation C. Procedure D. Logical network diagram Just as you arrive to work you get a phone call from that one user 6. who always gives you a hard time over some simple user error like leaving their monitor off. Well this time the user cannot access her favorite news Web site. She tries and tries, but the Web site still doesn’t come up. You check her connectivity from her computer to the switch; it’s good. You ping her computer from your computer; it’s good. You now want to capture packets inbound and outbound from her computer. What network monitoring tool would you use to complete this task? A. Event viewer B. Cache engine C. Packet sniffer D. Load balancing server Self Test 513 You want to control and optimize the network traffic coming into 7. your domain, but your boss just does not see why load balancing is not helping. What technique will assist your boss in increasing usable bandwidth and lowering latency? A. Traffic shaping B. Load balancing C. High availability D. Jitter You’re VoIP phone rings. You pick it up and say, “Hello?” You listen 8. very closely but all you can hear is broken speech as if someone is talking very slowly but the words are not coming out right. You notice your VoIP switch is blinking red and you open up a command console to your VoIP switch to see why. Looks like there is a problem with your switch and it is not prioritizing your VoIP traffic above all else. What kind of service do you need to enable to ensure VoIP has the highest priority to ensure your VoIP packets are sent and received first? A. QoS B. Dropped C. Delay D. Jitter You are working for Google™ as an intern for the summer. You 9. have always wondered how googling occurred on the back end of all those servers. You ask your supervisor what technique they use to distribute incoming traffic onto other servers when the traffic load became overbearing for one single server. What technique does your supervisor tell you that Google™ uses to allow for a group of computers in a cluster to share traffic load? A. Traffic shaping B. Load balancing C. High availability D. Packet shaping You were just promoted to network operations manager for your 10. division called Customer Data Center Compliance. You have worked at DataFirst, Inc. for over 10 years and you expected the promotion; otherwise you were planning to take a job with MicroServer LLC. As you sit down at your new desk, with a window view, you get a phone call from one of your subordinates. Bob, who now works for you, is fielding a customer’s question about being able to access CHAPTER 10: Network Management 514 Internet Web sites quicker than just re-downloading it each time he visits it. You think really hard and tell Bob that he needs what? A. Network performance optimization B. Traffic policing C. Fault tolerance D. Cache engines What kind of network management documentation is displayed in 11. Figure 10.15? A. Logical network diagram B. Physical network diagram C. Wiring schematic D. CM documentation FIGURE 10.15 Sample network diagram Permission granted by Mark R. Lindsey, mark@lindsey.name. Network management would be impossible without policies, 12. procedures and configurations. Calculated plan of action to guide decisions and achieve sound outcomes is the goal of creating and adhering to policies, procedures and configurations. Security vulnerabilities and network management challenges are the outcomes of badly written or non-existent policies. To prevent this, consider how network technicians create user accounts. If each Self Test 515 network technician created user accounts differently you would have a lot of problems troubleshooting user account issues be- cause none of the accounts are configured off a standard guideline. Policies provide guidelines on who can create user accounts for instance. Procedures are much more than guidelines. Procedures lay out each step needed to accomplish a task. For example, when cre- ating a user account, the user ID may be the person’s last name and first initial and not to exceed eight characters. Detailed steps with procedures help execute policies. What is a common policy topic? A. A specific layout of the wiring inside your network server room B. Detailed steps in how to configure network backups C. Procedures for installing load balancing software D. IP addressing scheme As a junior network engineer you want to find out why a Windows 13. application fails each time you open it. You have four windows open on your Windows XP workstation. Which window is the one you will use to see application errors? FIGURE 10.16A Sample Wireshark capture . accounts are configured off a standard guideline. Policies provide guidelines on who can create user accounts for instance. Procedures are much more than guidelines. Procedures lay out each. asks you over the phone to develop a calcu- lated plan of action to guide decisions and achieve sound outcomes that provide guidelines that the installation contractors will use on CHAPTER 10:. ensure you have the most efficient procedures and mechanisms in place to cut costs in your IT department’s budget so you can spend the savings on higher priority tasks. Exam Objectives Frequently